 Relationships |
|
| Anonymous | Login | 2024-04-19 21:37 CEST |
| Main | My View | View Issues |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
| 0003939 | [nrpe] regular use | tweak | have not tried | 2009-10-05 14:32 | 2012-07-12 11:07 | ||
| Reporter | alexs77 | View Status | public | ||||
| Assigned To | ja | ||||||
| Priority | normal | Resolution | fixed | ||||
| Status | closed | ||||||
| Summary | 0003939: NRPE installation instructions urge to use inetd for tcp_wrappers | ||||||
| Description |
The NRPE installation instructions strongly urge, that tcp_wrappers should be used to protect the installation. For this, it's written that inetd should be used. Right now, nrpe is launched as a standalone daemon. So that nrpe can be launched from inetd, the following line should be appended to /etc/services: nrpe 5666/tcp And to make inetd start/stop nrpe, add this line to /etc/inetd.conf: nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /opt/csw/bin/nrpe -c /opt/csw/etc/nrpe.cfg -i On Solaris 10, that line should be written to some temporary file and then inetconv -i $temp_file_with_inetd_line is to be invoked. After that, it might be a good idea to enable TCP_WRAPPER support; on Solaris 10, do: inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE For Solaris 8 & 9: tcp_wrappers is equivalent to the previous inetd's /etc/default/inetd property ENABLE_TCPWRAPPERS. So that inetd is able to start nrpe, the $HOME directory of the user starting nrpe (ie. "nagios") has to exist; IOW: /opt/csw/nagios must exist. On a host which only has nrpe (and maybe nagios-plugins) installed, that's not the case. |
||||||
| Additional Information | |||||||
| Tags | No tags attached. | ||||||
| Attached Files | |||||||
|
|
|||||||
|
Relationships |
|
|
Notes |
|
|
(0006850) ja (developer) 2009-10-12 23:01 |
New packages are available in testing. They don't fix the use of a tcp wrapper. They fix the missing home directory and the config files were moved to /etc/opt/csw/. The use of a tcp wrapper needs further investigations. |
|
(0006854) alexs77 (reporter) 2009-10-13 08:20 |
ja, thanks a lot! What further investigation? :) If nrpe is started standalone, then tcp_wrapper isn't used. If started using inetd, then tcp_wrapper can be used (depending on the configuration of the inetd, of course). |
|
(0010018) ja (developer) 2012-07-12 11:07 |
Issue closed. In case of further problems reopen it. |
| Copyright © 2000 - 2008 Mantis Group |  |
